No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Web-based Configuration Guide

AR650, AR1600, and AR6100 V300R003

This document describes how to configure and maintain your routers using the web platform.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
HWTACACS Setting

HWTACACS Setting

Context

HWTACACS prevents unauthorized users from attacking a network and supports command-line authorization. Compared with RADIUS, HWTACACS is more reliable in transmission and encryption, and is more suitable for security control.

Procedure

  • Global Setting
    1. Log in to the web platform and choose Security > AAA > HWTACACS Setting. As show in Figure 14-61.

      Figure 14-61   HWTACACS Setting

    2. Click Enable > Apply to enable global HWTACACS function.
  • HWTACACS Server Template

    • Creating a HWTACACS server template

    1. Access the HWTACACS Setting tab page.

      Log in to the web platform and choose Security > AAA > HWTACACS Setting.

    2. Click Create in the HWTACACS Server Template area, and set parameters in the Create HWTACACS Server Template dialog box that is displayed. Table 14-31 describes the parameters. As show in Figure 14-62.

      Figure 14-62   Create HWTACACS Server Template

      Table 14-31  Parameters for creating a HWTACACS server template

      Parameter

      Description

      Template name

      Name of a HWTACACS server template.

      Cipher key

      Shared key for the HWTACACS server.

      The shared key is used to encrypt the password and generate the response authenticator.

      Confirm key

      Confirmed shared key of the HWTACACS server.

      User name

      Whether the packets sent by the device to the HWTACACS server contain domain names.
      • Original user name
      • With domain name
      • Without domain name
      NOTE:

      If the HWTACACS server does not accept the user names carrying domain names, select Without domain name. Then the device removes domain names from the user names.

    3. Click OK.

    • Modifying a HWTACACS server template

    1. Access the HWTACACS Setting tab page.

      Log in to the web platform and choose Security > AAA > HWTACACS Setting.

    2. Select the HWTACACS server template in the HWTACACS Server Template area, and click .
    3. In the Modify HWTACACS Server Template dialog box that is displayed, modify the parameters. The parameter Template name cannot be modified. The parameters are the same as those in Figure 14-62
    4. Click OK.

    • Deleting a HWTACACS server template

    1. Access the HWTACACS Setting tab page.

      Log in to the web platform and choose Security > AAA > HWTACACS Setting.

    2. Select the check box of the HWTACACS server template in the HWTACACS Server Template area, and click Delete.
    3. In the dialog box that is displayed, click OK.
  • Authentication/Authorization/Accounting server

    • Creating an authentication, authorization, or accounting server

    1. Access the HWTACACS Setting tab page.

      Log in to the web platform and choose Security > AAA > HWTACACS Setting.

    2. Click Create in the Authentication/Authorization/Accounting Server area, and set parameters in the Create Authentication/Authorization/Accounting Server dialog box that is displayed. Table 14-32 describes the parameters. As show in Figure 14-63.

      Figure 14-63  Create Authentication/Authorization/Accounting Server

      Table 14-32  Parameters for creating an authentication, authorization, or accounting server

      Parameter

      Description

      Template name

      Name of the created HWTACACS server template.

      Server type

      HWTACACS server type: authentication, authorization, or accounting server.

      VPN instance

      Created VPN instance.

      IP address

      IP address of the authentication, authorization, or accounting server.

      Port

      Port number of the authentication, authorization, or accounting server.

    3. Click , adding the ip address, port number for the other authentication, authorization, or accounting server.

      Addresses of three servers can be configured.

    4. Click OK.

      NOTE:

      You can quickly search for the created authentication, authorization, or accounting servers based on the specified criteria.

    • Modifying an authentication, authorization, or accounting server

    1. Access the HWTACACS Setting tab page.

      Log in to the web platform and choose Security > AAA > HWTACACS Setting.

    2. Select an authentication, authorization, or accounting server in the Authentication/Authorization/Accounting Server area, and click .
    3. In the Modify Authentication/Authorization/Accounting Server dialog box that is displayed, modify the parameters. The parameters Template name and Server type cannot be modified. The parameters are the same as those in Figure 14-63
    4. Click OK.

    • Deleting an authentication, authorization, or accounting server

    1. Access the HWTACACS Setting tab page.

      Log in to the web platform and choose Security > AAA > HWTACACS Setting.

    2. Select the check box of an authentication, authorization, or accounting server in the Authentication/Authorization/Accounting Server area, and click Delete.
    3. In the dialog box that is displayed, click OK.
Download
Updated: 2019-04-12

Document ID: EDOC1100041803

Views: 31220

Downloads: 71

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next